aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--playbook.yml1
-rw-r--r--roles/nginx-geoip/meta/main.yml3
-rw-r--r--roles/nginx-geoip/tasks/main.yml16
3 files changed, 20 insertions, 0 deletions
diff --git a/playbook.yml b/playbook.yml
index 1ac7637..126ad47 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -16,6 +16,7 @@
hosts: nginx
roles:
- nginx
+ - nginx-geoip
- nginx-ufw
- nginx-cloudflare-mtls
diff --git a/roles/nginx-geoip/meta/main.yml b/roles/nginx-geoip/meta/main.yml
new file mode 100644
index 0000000..72b1bd7
--- /dev/null
+++ b/roles/nginx-geoip/meta/main.yml
@@ -0,0 +1,3 @@
+---
+dependencies:
+ - nginx
diff --git a/roles/nginx-geoip/tasks/main.yml b/roles/nginx-geoip/tasks/main.yml
new file mode 100644
index 0000000..3601828
--- /dev/null
+++ b/roles/nginx-geoip/tasks/main.yml
@@ -0,0 +1,16 @@
+---
+# ref https://packages.debian.org/bullseye/amd64/libnginx-mod-http-geoip/filelist
+# installed by default in debian nginx package, including "geoip-database" dep
+# see https://packages.debian.org/bullseye/amd64/geoip-database/filelist
+- name: configure the geoip module
+ copy:
+ # ref https://nginx.org/en/docs/http/ngx_http_geoip_module.html
+ content: geoip_country /usr/share/GeoIP/GeoIP.dat;
+ dest: /etc/nginx/conf.d/geoip.conf
+ owner: root
+ group: root
+ mode: 0444
+ tags:
+ - role::nginx-geoip
+ notify:
+ - reload the nginx service
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-26 09:01:57 +0000